LANCOM: LAnguage for Network COnfiguration and Management

Slides: 15
Provided by: milind2

Transcript and Presenter's Notes

1
LANCOM: LAnguage for Network COnfiguration and Management
  • Chitra S Agastya (csa2111_at_columbia.edu)
  • Nipun Arora (na2271_at_columbia.edu)
  • Sambuddho Chakravarty (sc2516_at_columbia.edu)
  • Milind Nimesh (mn2353_at_columbia.edu)
  • Ashish Singh Tomar (ast2124_at_columbia.edu)

2
Meet the System Administrator
  • Implements security / access policies on various routers and firewalls
  • Proficient in esoteric configuration languages
  • Configures complex security strategies using low-level firewall rules

3
The End Result.
  • Affects scalability of the network
  • No reusability of code
  • Conflicts arise from the use of different router configuration languages in the same network
  • Misconfigurations are the source of most network vulnerabilities

4
The Business Angle
  • Security managers need a single place to look for the corporate policies on who gets in and who doesn't
  • -Forrester report

5
The Solution: LANCOM
  • An out-of-the-box solution to configure routers from different vendors in one network
  • Device Independent Configuration Language
  • Domain Specific
  • User Focus: Network Administrator

6
Translator Architecture of LANCOM
[Diagram of the LANCOM compiler. Labels: input source program, lexer, parser, syntax directed translation, symbol table, command classes, configuration actions, output config. file, routing/firewalling commands for Linux, routing/firewalling commands for FreeBSD]

7
Programming Constructs
  • Host
  • Host Group
  • Topology
  • Route

8
Program Structure
  • prog
  • Declarative Statements
  • Assignment Statements
  • Configuration Statements
  • endprog

policy_type_t pol
pol inbound deny tcp dst 1.1.1.1 netmask 255.255.255.0 8088
apply policy pol

9
Separation of Network Topology and Security Policy Description
Policy, Role, Host, Host Group, Topology
  • prog
  • ipaddr_t ip1,ip2
  • ip1 1.1.1.1
  • ip2 4.4.4.4
  • policy_type_t p1
  • p1 inbound deny tcp src 2.2.2.2 netmask 255.255.255.0 all
  • role_type_t r1
  • r1 role p1, outbound deny dst ip2 netmask 255.255.255.255 all
  • host_type_t h1
  • h1 ip_addr 6.6.6.6 netmask 255.255.255.0
  • host_group_type_t hg1
  • hg1 host_group h1, ip_addr 5.5.5.5 netmask 255.255.255.0
  • topology_type_t t1
  • t1 hg1 r1
  • apply topology t1
  • endprog

10
(No Transcript)
11
Device Independent Configuration
  • prog
  • policy_type_t p
  • p inbound deny tcp dst 10.3.0.6 netmask 255.255.255.0 8088
  • apply policy p
  • endprog
  • Linux (iptables)
  • /sbin/iptables -I FORWARD -p tcp -d 10.3.0.6/255.255.255.0 -s 0.0.0.0/0.0.0.0 --destination-port 8088 -j DROP
  • FreeBSD (ipfw)
  • /sbin/ipfw add deny tcp from 0.0.0.0:0.0.0.0 to 10.3.0.6:255.255.255.0 8088
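
The translation on this slide, as an added Python example (not the LANCOM compiler's own code; function names are hypothetical). It handles only the `inbound deny tcp` policy form shown in this deck, validates every token before use, and emits argv lists rather than shell strings. It assumes a port on a `src` rule is still a destination port, and uses ipfw's `addr:mask` notation.

```python
import ipaddress

ANY = ("0.0.0.0", "0.0.0.0")  # wildcard address/mask pair, as in the slide's output

def parse_policy(body):
    """Parse 'inbound deny tcp <src|dst> <ip> netmask <mask> <port|all>'."""
    tok = body.split()
    if len(tok) != 8 or tok[:3] != ["inbound", "deny", "tcp"] or tok[5] != "netmask":
        raise ValueError("unsupported policy: %r" % body)
    side, ip, mask, port = tok[3], tok[4], tok[6], tok[7]
    if side not in ("src", "dst"):
        raise ValueError("expected src or dst, got %r" % side)
    ipaddress.IPv4Address(ip)  # raises ValueError on a malformed address
    # Accept only a dotted, contiguous netmask (rejects '24', host masks, junk).
    if str(ipaddress.IPv4Network("0.0.0.0/" + mask).netmask) != mask:
        raise ValueError("bad netmask: %r" % mask)
    if port != "all":
        if not (port.isascii() and port.isdigit() and 0 < int(port) < 65536):
            raise ValueError("bad port: %r" % port)
    return {"side": side, "host": (ip, mask), "port": port}

def _src_dst(p):
    """Return (source, destination); the side not named in the policy is ANY."""
    return (p["host"], ANY) if p["side"] == "src" else (ANY, p["host"])

def to_iptables(p):
    src, dst = _src_dst(p)
    argv = ["/sbin/iptables", "-I", "FORWARD", "-p", "tcp",
            "-d", "/".join(dst), "-s", "/".join(src)]
    if p["port"] != "all":
        argv += ["--destination-port", p["port"]]
    return argv + ["-j", "DROP"]

def to_ipfw(p):
    src, dst = _src_dst(p)
    argv = ["/sbin/ipfw", "add", "deny", "tcp",
            "from", ":".join(src), "to", ":".join(dst)]
    if p["port"] != "all":
        argv.append(p["port"])
    return argv

if __name__ == "__main__":
    # The policy body from this slide.
    pol = parse_policy("inbound deny tcp dst 10.3.0.6 netmask 255.255.255.0 8088")
    print(" ".join(to_iptables(pol)))
    print(" ".join(to_ipfw(pol)))
```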

12
Tools Used
13
What we learned
  • ANTLRWorks: an easy-to-use GUI for writing your own language
  • Networking Concepts
  • Team Work
  • Not all team members were conversant with networking

14
THANK YOU!!